2.4.1. "How do I get on--and off--the Cypherpunks list?" - Send a message to "firstname.lastname@example.org" - Any auto-processed commands? - don't send requests to the list as a whole....this will mark you as "clueless" 2.4.2. "Why does the Cypherpunks list sometimes go down, or lose the subscription list?" - The host machine, toad.com, owned by John Gilmore, has had the usual problems such machines have: overloading, shortages of disk space, software upgrades, etc. Hugh Daniel has done an admirable job of keeping it in good shape, but problems do occur. - Think of it as warning that lists and communication systems remain somewhat fragile....a lesson for what is needed to make digital money more robust and trustable. - There is no paid staff, no hardware budget for improvements. The work done is strictly voluntarily. 2.4.3. "If I've just joined the Cypherpunks list, what should I do?" - Read for a while. Things will become clearer, themes will emerge, and certain questions will be answered. This is good advice for any group or list, and is especially so for a list with 500 or more people on it. (We hit 700+ at one point, then a couple of list outages knocked the number down a bit.) - Read the references mentioned here, if you can. The sci.crypt FAQ should be read. And purchase Bruce Schneier's "Applied Cryptography" the first chance you get. - Join in on things that interest you, but don't make a fool of yourself. Reputations matter, and you may come to regret having come across as a tedious fool in your first weeks on the list. (If you're a tedious fool after the first few weeks, that may just be your nature, of course.) - Avoid ranting and raving on unrelated topics, such as abortion (pro or con), guns (pro or con), etc. The usual topics that usually generate a lot of heat and not much light. (Yes, most of us have strong views on these and other topics, and, yes, we sometimes let our views creep into discussions. There's no denying that certain resonances exist. I'm just urging caution.) 2.4.4. "I'm swamped by the list volume; what can I do?" - This is a natural reaction. Nobody can follow it all; I spend entirely too many hours a day reading the list, and I certainly can't follow it all. Pick areas of expertise and then follow them and ignore the rest. After all, not seeing things on the list can be no worse than not even being subscribed to the list! - Hit the "delete" key quickly - find someone who will digest it for you (Eric Hughes has repeatedly said anyone can retransmit the list this way; Hal Finney has offered an encrypted list) + Better mailers may help. Some people have used mail-to-news systems and then read the list as a local newsgroup, with threads. - I have Eudora, which supports off-line reading and sorting features, but I generally end up reading with an online mail program (elm). - The mailing list may someday be switched over to a newsgroup, a la "alt.cypherpunks." (This may affect some people whose sites do not carry alt groups.) 2.4.5. "It's very easy to get lost in the morass of detail here. Are there any ways to track what's *really* important?" - First, a lot of the stuff posted in the Usenet newsgroups, and on the Cypherpunks list, is peripheral stuff, epiphenomenal cruft that will blow away in the first strong breeze. Grungy details about PGP shells, about RSA encryption speeds, about NSA supercomputers. There's just no reason for people to worry about "weak IDEA keys" when so many more pressing matters exist. (Let the experts worry.) Little of this makes any real difference, just as little of the stuff in daily newspapers is memorable or deserves to be memorable. - Second, "read the sources." Read "1984," "The Shockwave Rider," "Atlas Shrugged," "True Names." Read the Chaum article on making Big Brother obsolete (October 1985, "Communications of the ACM"). - Third, don't lose sight of the core values: privacy, technological solutions over legal solutions, avoiding taxation, bypassing laws, etc. (Not everyone will agree with all of these points.) - Fourth, don't drown in the detail. Pick some areas of interest and follow _them_. You may not need to know the inner workings of DES or all the switches on PGP to make contributions in other areas. (In fact, you surely don't.) 2.4.6. "Who are the Cypherpunks?" - A mix of about 500-700 + Can find out who by sending message to email@example.com with the message body text "who cypherpunks" (no quotes, of course). - Is this a privacy flaw? Maybe. - Lots of students (they have the time, the Internet accounts). Lots of computer science/programming folks. Lots of libertarians. - quote from Wired article, and from "Whole Earth Review" 2.4.7. "Who runs the Cypherpunks?" - Nobody. There's no formal "leadership." No ruler = no head = an arch = anarchy. (Look up the etymology of anarchy.) - However, the mailing list currently resides on a physical machine, and this machine creates some nexus of control, much like having a party at someon'e house. The list administrator is currently Eric Hughes (and has been since the beginning). He is helped by Hugh Daniel, who often does maintenance of the toad.com, and by John Gilmore, who owns the toad.com machine and account. - In an extreme situation of abuse or neverending ranting, these folks could kick someone off the list and block them from resubscribing via majordomo. (I presume they could-- it's never happened.) - To emphasize: nobody's ever been kicked off the list, so far as I know. Not even Detweiler...he asked to be removed (when the list subscribes were done manually). - As to who sets policy, there is no policy! No charter, no agenda, no action items. Just what people want to work on themselves. Which is all that can be expected. (Some people get frustrated at this lack of consensus, and they sometimes start flaming and ranting about "Cypherpunks never do anything," but this lack of consensus is to be expected. Nobody's being paid, nobody's got hiring and firing authority, so any work that gets done has to be voluntary. Some volunteer groups are more organized than we are, but there are other factors that make this more possible for them than it is for us. C'est la vie.) - Those who get heard on the mailing list, or in the physical meetings, are those who write articles that people find interesting or who say things of note. Sounds fair to me. 2.4.8. "Why don't the issues that interest me get discussed?" - Maybe they already have been--several times. Many newcomers are often chagrined to find arcane topics being discussed, with little discussion of "the basics." - This is hardly surprising....people get over the "basics" after a few months and want to move on to more exciting (to them) topics. All lists are like this. - In any case, after you've read the list for a while--maybe several weeks--go ahead and ask away. Making your topic fresher may generate more responses than, say, asking what's wrong with Clipper. (A truly overworked topic, naturally.) 2.4.9. "How did the Cypherpunks group get started?" 2.4.10. "Where did the name 'Cypherpunks' come from?" + Jude Milhon, aka St. Jude, then an editor at "Mondo 2000," was at the earliest meetings...she quipped "You guys are just a bunch of cypherpunks." The name was adopted immediately. - The 'cyberpunk' genre of science fiction often deals with issues of cyberspace and computer security ("ice"), so the link is natural. A point of confusion is that cyberpunks are popularly thought of as, well, as "punks," while many Cyberpunks are frequently libertarians and anarchists of various stripes. In my view, the two are not in conflict. - Some, however, would prefer a more staid name. The U.K. branch calls itself the "U.K. Crypto Privacy Association." <check this> However, the advantages of the name are clear. For one thing, many people are bored by staid names. For another, it gets us noticed by journalists and others. - - We are actually not very "punkish" at all. About as punkish as most of our cyberpunk cousins are, which is to say, not very. + the name - Crypto Cabal (this before the sci.crypt FAQ folks appeared, I think), Crypto Liberation Front, other names - not everybody likes the name...such is life 2.4.11. "Why doesn't the Cypherpunks group have announced goals, ideologies, and plans?" - The short answer: we're just a mailing list, a loose association of folks interested in similar things - no budget, no voting, no leadership (except the "leadership of the soapbox") - How could such a consensus emerge? The usual approach is for an elected group (or a group that seized power) to write the charter and goals, to push their agenda. Such is not the case here. - Is this FAQ a de facto statement of goals? Not if I can help it, to be honest. Several people before me planned some sort of FAQ, and had they completed them, I certainly would not have felt they were speaking for me or for the group. To be consistent, then, I cannot have others think this way about _this_ FAQ! 2.4.12. "What have the Cypherpunks actually done?" - spread of crypto: Cypherpunks have helped (PGP)...publicity, an alternative forum to sci.crypt (in many ways, better...better S/N ratio, more polite) - Wired, Whole Earth Review, NY Times, articles - remailers, encrypted remailers + The Cypherpunk- and Julf/Kleinpaste-style remailers were both written very quickly, in just days - Eric Hughes wrote the first Cypherpunks remailer in a weekend, and he spent the first day of that weekend learning enough Perl to do the job. + Karl Kleinpaste wrote the code that eventually turned into Julf's remailer (added to since, of course) in a similarly short time: - "My original anon server, for godiva.nectar.cs.cmu.edu 2 years ago, was written in a few hours one bored afternoon. It wasn't as featureful as it ended up being, but it was "complete" for its initial goals, and bug-free." [Karl_Kleinpaste@cs.cmu.edu, alt.privacy.anon-server, 1994-09-01] - That other interesting ideas, such as digital cash, have not yet really emerged and gained use even after years of active discussion, is an interesting contrast to this rapid deployment of remailers. (The text-based nature of both straight encryption/signing and of remailing is semantically simpler to understand and then use than are things like digital cash, DC-nets, and other crypto protocols.) - ideas for Perl scripts, mail handlers - general discussion, with folks of several political persuasions - concepts: pools, Information Liberation Front, BlackNet - 2.4.13. "How Can I Learn About Crypto and Cypherpunks Info?" 2.4.14. "Why is there sometimes disdain for the enthusiasm and proposals of newcomers?" - None of us is perfect, so we sometimes are impatient with newcomers. Also, the comments seen tend to be issues of disagreement--as in all lists and newsgroups (agreement is so boring). - But many newcomers also have failed to do the basic reading that many of us did literally _years_ before joining this list. Cryptology is a fairly technical subject, and one can no more jump in and expect to be taken seriously without any preparation than in any other technical field. - Finally, many of us have answered the questions of newcomers too many times to be enthusiastic about it anymore. Familiarity breeds contempt. + Newcomers should try to be patient about our impatience. Sometimes recasting the question generates interest. Freshness matters. Often, making an incisive comment, instead of just asking a basic question, can generate responses. (Just like in real life.) - "Clipper sux!" won't generate much response. 2.4.15. "Should I join the Cypherpunks mailing list?" - If you are reading this, of course, you are most likely on the Cypherpunks list already and this point is moot--you may instead be asking if you should_leave_ the List! - Only if you are prepared to handle 30-60 messages a day, with volumes fluctuating wildly 2.4.16. "Why isn't the Cypherpunks list encrypted? Don't you believe in encryption?" - what's the point, for a publically-subscribable list? - except to make people jump through hoops, to put a large burden on toad (unless everybody was given the same key, so that just one encryption could be done...which underscores the foolishness) + there have been proposals, mainly as a stick to force people to start using encryption...and to get the encrypted traffic boosted - involving delays for those who choose not or can't use crypto (students on terminals, foreigners in countries which have banned crypto, corporate subscribers....) 2.4.17. "What does "Cypherpunks write code' mean?" - a clarifying statement, not an imperative - technology and concrete solutions over bickering and chatter - if you don't write code, fine. Not everyone does (in fact, probably less than 10% of the list writes serious code, and less than 5% writes crypto or security software 2.4.18. "What does 'Big Brother Inside' Mean?" - devised by yours truly (tcmay) at Clipper meeting - Matt Thomlinson, Postscript - printed by .... 2.4.19. "I Have a New Idea for a Cipher---Should I Discuss it Here?" - Please don't. Ciphers require careful analysis, and should be in paper form (that is, presented in a detailed paper, with the necessary references to show that due diligence was done, the equations, tables, etc. The Net is a poor substitute. - Also, breaking a randomly presented cipher is by no means trivial, even if the cipher is eventually shown to be weak. Most people don't have the inclination to try to break a cipher unless there's some incentive, such as fame or money involved. - And new ciphers are notoriously hard to design. Experts are the best folks to do this. With all the stuff waiting to be done (described here), working on a new cipher is probably the least effective thing an amateur can do. (If you are not an amateur, and have broken other people's ciphers before, then you know who you are, and these comments don't apply. But I'll guess that fewer than a handful of folks on this list have the necessary background to do cipher design.) - There are a vast number of ciphers and systems, nearly all of no lasting significance. Untested, undocumented, unused- -and probably unworthy of any real attention. Don't add to the noise. 2.4.20. Are all the Cypherpunks libertarians? 2.4.21. "What can we do?" - Deploy strong crypto, to ensure the genie cannot be put in the bottle - Educate, lobby, discuss - Spread doubt, scorn..help make government programs look foolish - Sabotage, undermine, monkeywrench - Pursue other activities 2.4.22. "Why is the list unmoderated? Why is there no filtering of disrupters like Detweiler?" - technology over law - each person makes their own choice - also, no time for moderation, and moderation is usually stultifying + anyone who wishes to have some views silenced, or some posters blocked, is advised to: - contract with someone to be their Personal Censor, passing on to them only approved material - subscribe to a filtering service, such as Ray and Harry are providing 2.4.23. "What Can I Do?" - politics, spreading the word - writing code ("Cypherpunks write code") 2.4.24. "Should I publicize my new crypto program?" - "I have designed a crypting program, that I think is unbreakable. I challenge anyone who is interested to get in touch with me, and decrypt an encrypted massage." "With highest regards, Babak Sehari." [Babak Sehari, sci.crypt, 6-19-94] 2.4.25. "Ask Emily Post Crypt" + my variation on "Ask Emily Postnews" - for those that don't know, a scathing critique of clueless postings + "I just invented a new cipher. Here's a sample. Bet you can't break it!" - By all means post your encrypted junk. We who have nothing better to do with our time than respond will be more than happy to spend hours running your stuff through our codebreaking Crays! - Be sure to include a sample of encrypted text, to make yourself appear even more clueless. + "I have a cypher I just invented...where should I post it?" + "One of the very most basic errors of making ciphers is simply to add - layer upon layer of obfuscation and make a cipher which is nice and - "complex". Read Knuth on making random number generators for the - folly in this kind of approach. " <Eric Hughes, 4-17- 94, Cypherpunks> + "Ciphers carry the presumption of guilt, not innocence. Ciphers - designed by amateurs invariably fail under scrutiny by experts. This - sociological fact (well borne out) is where the presumption of - insecurity arises. This is not ignorance, to assume that this will - change. The burden of proof is on the claimer of security, not upon - the codebreaker. <Eric Hughes, 4-17-94, Cypherpunks> + "I've just gotten very upset at something--should I vent my anger on the mailing list?" - By all means! If you're fed up doing your taxes, or just read something in the newspaper that really angered you, definitely send an angry message out to the 700 or so readers and help make _them_ angry! - Find a bogus link to crypto or privacy issues to make it seem more relevant. 2.4.26. "What are some main Cypherpunks projects?" + remailers + better remailers, more advanced features - digital postage - padding, batching/latency - agent features - more of them - offshore (10 sites in 5 countries, as a minimum) - tools, services - digital cash in better forms - 2.4.27. "What about sublists, to reduce the volume on the main list." - There are already half a dozen sub-lists, devoted to planning meetings, to building hardware, and to exploring DC-Nets. There's one for remailer operators, or there used to be. There are also lists devoted to similar topics as Cypherpunks, including Robin Hanson's "AltInst" list (Alternative Institutions), Nick Szabo's "libtech-l" list, the "IMP-Interest" (Internet Mercantile Protocols) list, and so on. Most are very low volume. + That few folks have heard of any of them, and that traffic volumes are extremely low, or zero, is not all that surprising, and matches experiences elsewhere. Several reasons: - Sublists are a bother to remember; most people forget they exist, and don't think to post to them. (This "forgetting" is one of the most interesting aspects of cyberspace; successful lists seem to be Schelling points that accrete even more members, while unsuccessful lists fade away into nothingness.) - There's a natural desire to see one's words in the larger of two forums, so people tend to post to the main list. - The sublists were sometimes formed in a burst of exuberance over some topic, which then faded. - Topics often span several subinterest areas, so posting to the main list is better than copying all the relevant sublists. - In any case, the Cypherpunks main list is "it," for now, and has driven other lists effectively out of business. A kind of Gresham's Law.
Next Page: 2.5 Crypto
Previous Page: 2.3 "What's the 'Big Picture'?"
By Tim May, see README
HTML by Jonathan Rochkind